# Seymore - Content Management on Rails
# 
# Copyright (c) 2006 - 2007 Thomas Mango
# 
# For license information, please visit:
# http://code.google.com/p/seymore/
# 
# File created by Thomas Mango [tsmango@gmail.com]

class UsersController < ApplicationController
  layout "page"
  
  def index
    return no_access unless user_can?('manage')
    list
    render :action => 'list'
  end

  # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
  verify :method => :post, :only => [ :destroy, :create, :update ],
         :redirect_to => { :action => :list }

  def list
    return no_access unless user_can?('manage')
    @user_pages, @users = paginate :users, :per_page => 10
  end

  def show
    return no_access unless user_can?('manage')
    @user = User.find(params[:id])
  end

  def new
    return no_access unless user_can?('manage')
    @user = User.new
  end

  def create
    return no_access unless user_can?('manage')
    @user = User.new(params[:user])
    if @user.save
      flash[:notice] = 'User was successfully created.'
      redirect_to :action => 'list'
    else
      render :action => 'new'
    end
  end

  def edit
    return no_access unless user_can?('manage')
    @user = User.find(params[:id])
  end

  def update
    return no_access unless user_can?('manage')
    @user = User.find(params[:id])
    if @user.update_attributes(params[:user])
      flash[:notice] = 'User was successfully updated.'
      redirect_to :action => 'show', :id => @user
    else
      render :action => 'edit'
    end
  end

  def destroy
    return no_access unless user_can?('manage')
    User.find(params[:id]).destroy
    redirect_to :action => 'list'
  end
end
